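/**
 * Handles the "recover password" form submission.
 *
 * Reads the e-mail address and the captcha answer from the POST data,
 * verifies the captcha, then looks the account up by the SHA-1 of the
 * configured salt concatenated with the address. When the account is in
 * NORMAL or ADMINISTRATOR status and has an e-mail address, a fresh token is
 * stored on it, its status is switched to RECOVER and the LOGIN_RECOVER mail
 * with the reset link is sent. The outcome reaches the template as either
 * `success` or `error`; no exception leaves the method.
 *
 * NOTE(review): the failure messages differ per cause ("Account does not
 * exist", "Account has an invalid status", "No public email address is set
 * for this account"), so the response tells the requester whether an address
 * is registered. Consider one neutral message for all three cases.
 *
 * NOTE(review): the status change to RECOVER is performed for any requester
 * who passes the captcha. Confirm that RECOVER does not block the owner's
 * normal login, and that token lifetime and request rate are limited
 * elsewhere; neither is visible here.
 *
 * @return void
 */
public function onPost()
{
    try {
        $email   = $this->post->email('string', array(new Filter\Length(3, 64), new Filter\Email()));
        $captcha = $this->post->captcha('string');

        // check captcha if anonymous
        $captchaProvider = Captcha::factory($this->config['amun_captcha']);

        if (!$captchaProvider->verify($captcha)) {
            throw new Exception('Invalid captcha');
        }

        if ($this->validate->hasError()) {
            throw new Exception($this->validate->getLastError());
        }

        // accounts are addressed by the salted hash of the e-mail, not the plain address
        $handler = $this->getHandler('AmunService\\User\\Account');
        $account = $handler->getOneByIdentity(
            sha1($this->config['amun_salt'] . $email),
            array('id', 'name', 'status', 'email'),
            Sql::FETCH_OBJECT
        );

        if (!$account instanceof Account\Record) {
            throw new Exception('Account does not exist');
        }

        // only active accounts may start a recovery
        if (!in_array($account->status, array(Account\Record::NORMAL, Account\Record::ADMINISTRATOR))) {
            throw new Exception('Account has an invalid status');
        }

        if (empty($account->email)) {
            throw new Exception('No public email address is set for this account');
        }

        // NOTE(review): confirm generateToken() draws from a cryptographically
        // secure source; the token is the only secret protecting the reset.
        $token = Security::generateToken();
        $date  = new DateTime('NOW', $this->registry['core.default_timezone']);

        // update status
        $account->setStatus(Account\Record::RECOVER);
        $account->setToken($token);

        $handler->update($account);

        // send mail
        // NOTE(review): the link is built from $this->page->getUrl(); confirm
        // that this URL comes from configuration and not from the request's
        // Host header, because it is mailed to the account owner.
        $values = array(
            'account.name' => $account->name,
            'host.name'    => $this->base->getHost(),
            'recover.ip'   => $_SERVER['REMOTE_ADDR'],
            'recover.link' => $this->page->getUrl() . '/resetPw?token=' . $token,
            'recover.date' => $date->format($this->registry['core.format_date']),
        );

        $mail = new Mail($this->registry);
        $mail->send('LOGIN_RECOVER', $account->email, $values);

        $this->template->assign('success', true);
    } catch (\Exception $e) {
        $this->template->assign('error', $e->getMessage());
    }
}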
/**
 * Completes a password recovery when the mailed link is opened.
 *
 * Expects a `token` query parameter of exactly 40 hexadecimal characters.
 * The matching account is fetched through getRecoverByToken(); if it has an
 * e-mail address and the request's REMOTE_ADDR equals the `ip` stored on the
 * account, a new password is generated, the account goes back to NORMAL
 * status and the LOGIN_RECOVER_SUCCESS mail is sent. The template receives
 * either `success` or `error`; no exception leaves the method.
 *
 * NOTE(review): the password is changed by a GET request, so any fetch of
 * the link from the matching address performs the reset. Consider a
 * confirmation step submitted by POST.
 *
 * NOTE(review): the generated password is mailed in clear text
 * (`account.pw`). Letting the user choose a new password on a token-bound
 * form would keep the credential out of the mailbox.
 *
 * NOTE(review): where `$account->ip` is written is not visible in this
 * method, and neither is any token expiry; confirm both in the handler.
 *
 * @return void
 */
public function onGet()
{
    try {
        $token = $this->get->token('string', array(new Filter\Length(40, 40), new Filter\Xdigit()));

        if ($token === false) {
            throw new Exception('Token not set');
        }

        $accounts = $this->getHandler('AmunService\\User\\Account');
        $account  = $accounts->getRecoverByToken($token);

        if (!($account instanceof Account\Record)) {
            throw new Exception('Invalid token');
        }

        if (empty($account->email)) {
            throw new Exception('No public email address is set for this account');
        }

        // the reset is bound to the address stored on the account (loose comparison)
        if ($_SERVER['REMOTE_ADDR'] != $account->ip) {
            throw new Exception('Recover process was requested from another IP');
        }

        $generator   = new Security($this->registry);
        $newPassword = $generator->generatePw();
        $now         = new DateTime('NOW', $this->registry['core.default_timezone']);

        // leave recovery mode and store the generated password
        $account->setStatus(Account\Record::NORMAL);
        $account->setPw($newPassword);

        $accounts->update($account);

        // send mail
        $mailVars = array();
        $mailVars['account.name'] = $account->name;
        $mailVars['account.pw']   = $newPassword;
        $mailVars['host.name']    = $this->base->getHost();
        $mailVars['recover.link'] = $this->page->getUrl();
        $mailVars['recover.date'] = $now->format($this->registry['core.format_date']);

        $mailer = new Mail($this->registry);
        $mailer->send('LOGIN_RECOVER_SUCCESS', $account->email, $mailVars);

        $this->template->assign('success', true);
    } catch (\Exception $e) {
        $this->template->assign('error', $e->getMessage());
    }
}
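/**
 * Handles the registration form submission.
 *
 * Reads name, e-mail identity, password (twice), coordinates and the captcha
 * answer from the POST data. When validation passes, registration is
 * enabled, both passwords match and the captcha verifies, an account record
 * is created in NOT_ACTIVATED status in the default user group and the
 * LOGIN_REGISTRATION mail with the activation link is sent. On failure the
 * submitted name and identity are handed back to the template, HTML-escaped,
 * together with the error message. No exception leaves the method.
 *
 * NOTE(review): `$pw` is passed to setPw() as received; presumably the
 * record hashes it and enforces a minimum strength. Confirm this, since no
 * check is visible here.
 *
 * @return void
 */
public function onPost()
{
    // defined up front so the catch block can always echo them back, even
    // when reading the POST data itself throws
    $name     = '';
    $identity = '';

    try {
        $name      = $this->post->name('string', array(new Filter\Length(3, 32)), 'name', 'Name');
        $identity  = $this->post->identity('string', array(new Filter\Length(3, 128), new Filter\Email()), 'email', 'Email');
        $pw        = $this->post->pw('string');
        $pwRepeat  = $this->post->pwRepeat('string');
        $longitude = $this->post->longitude('float');
        $latitude  = $this->post->latitude('float');
        $captcha   = $this->post->captcha('string');

        if ($this->validate->hasError()) {
            throw new Exception($this->validate->getLastError());
        }

        // check whether registration is enabled
        if (!$this->registry['login.registration_enabled']) {
            throw new Exception('Registration is disabled');
        }

        // compare pws
        if (strcmp($pw, $pwRepeat) != 0) {
            throw new Exception('Password ist not the same');
        }

        // check captcha if anonymous
        $captchaProvider = Captcha::factory($this->config['amun_captcha']);

        if (!$captchaProvider->verify($captcha)) {
            throw new Exception('Invalid captcha');
        }

        // create account record
        $handler = $this->getHandler('AmunService\\User\\Account');

        $account = $handler->getRecord();
        $account->setGroupId($this->registry['core.default_user_group']);
        $account->setStatus(Account\Record::NOT_ACTIVATED);
        $account->setIdentity($identity);
        $account->setName($name);
        $account->setPw($pw);
        $account->setLongitude($longitude);
        $account->setLatitude($latitude);

        $account = $handler->create($account);

        // without an id on the returned record no activation mail is sent
        if (!isset($account->id)) {
            throw new Exception('Your account was added for approval');
        }

        // send activation mail
        $date   = new DateTime('NOW', $this->registry['core.default_timezone']);
        $values = array(
            'account.name'     => $account->name,
            'account.identity' => $identity,
            'host.name'        => $this->base->getHost(),
            'register.link'    => $this->page->getUrl() . '/register/activate?token=' . $account->token,
            'register.date'    => $date->format($this->registry['core.format_date']),
        );

        $mail = new Mail($this->registry);
        $mail->send('LOGIN_REGISTRATION', $identity, $values);

        $this->template->assign('success', true);
    } catch (\Exception $e) {
        // ENT_QUOTES also escapes single quotes, so the values stay inert
        // inside either kind of quoted HTML attribute
        $this->template->assign('name', htmlspecialchars((string) $name, ENT_QUOTES));
        $this->template->assign('identity', htmlspecialchars((string) $identity, ENT_QUOTES));

        // NOTE(review): the message is assigned unescaped; confirm the
        // template escapes `error`, as validation messages may echo input.
        $this->template->assign('error', $e->getMessage());
    }
}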